I've been wondering about how large online software companies, specifically those based around a single massive product, like Google, Facebook, Yahoo, etc. handle the risk of terminated employees. Any ...

Say you are conducting a penetration test of an internal network. The internal network comprises of workstations, servers and company and contractor laptops.
In an ideal world, the penetration test ...

I've been interested in IT security for a bit (~1 year) and had a bit of experience with NSM as well as web security.
I want to have an overview of the entire industry, with all relevant niches and ...

I am curious how the community here keeps track of a user's accounts. For instance, in the event of an employee transitioning from the company, how does security make sure that all user accounts the ...

The other day, I participated in a discussion on Meta Stack Overflow about what to do when a user publishes credentials (usually inadvertently) to a Stack Exchange post. (GitHub and other sites have ...

Have any of you security professionals been able to get security performance metrics into reviews that managers conduct for their employees? If so, are there any helpful resources you could share to ...

I'm looking at revamping how our weekly team meetings are conducted. There is not a lot of techies in the meeting as the majority of operational work is outsourced.
I'm not looking for answers about ...

Does anyone know of a short security quiz that could be administered online, to test the security knowledge of a developer? I'm looking for something simple to administer and simple to grade, ideally ...

What sorts of jobs are there, in which organizations, with what sorts of day-to-day responsibilities?
What areas are good for folks coming out of school, vs what are good 2nd careers for experienced ...

Is anyone familiar with an ISO standard outlining the hiring of labour for vendors being hired by DHS or Canadian government? I've found security standards but nothing for hiring practices.
Edit for ...

What is your experience with applying IT policy to the Board of Directors?
Please mention the country and industry you have experience in, since the advice you're sharing may or may not be the same ...

If a user leaves an organisation who knew most of the top credentials are there any other precautions that need to be taken other than changing those credentials?
Obviously there is also the standard ...